package com.acc.filter;

/**
 * @author 朱春阳
 */

import java.io.IOException;
import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.acc.entity.Admin;
import com.acc.entity.Role;
import com.acc.entity.User;

public class AuthorityFilter implements Filter {

	@Override
	public void destroy() {
		// TODO Auto-generated method stub

	}

	@Override
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
			throws IOException, ServletException {
		HttpServletRequest req = (HttpServletRequest) request;
		HttpServletResponse resp = (HttpServletResponse) response;
		// 判断有无与请求对应的uri
		boolean judge = false;
		String re_uri = "";
		// 获取请求的uri
		String req_uri = req.getRequestURI();

		System.out.println(req_uri);
		if (req_uri.equals("/TicketManager/login.jsp")) {
			chain.doFilter(request, response);
		} else if (req_uri.equals("/TicketManager/RegisterServlet")) {
			chain.doFilter(request, response);
		} else if (req_uri.equals("/TicketManager/Admin/AdminLoginRegister")) {
			chain.doFilter(request, response);
		} else if (req_uri.equals("/TicketManager/LoginServlet")) {
			chain.doFilter(request, response);
		} else if (req_uri.endsWith("js")) {
			chain.doFilter(request, response);
		} else if (req_uri.endsWith("css")) {
			chain.doFilter(request, response);
		} else if (req_uri.endsWith("png")) {
			chain.doFilter(request, response);
		} else if (req_uri.endsWith("gif")) {
			chain.doFilter(request, response);
		} else if ("/TicketManager/TwoLevelServlet".equals(req_uri)) {
			chain.doFilter(request, response);
		} else if (req_uri.endsWith("jpg")) {
			chain.doFilter(request, response);
		} else if (req_uri.endsWith("/index.jsp")) {
			chain.doFilter(request, response);
		} else if ("/TicketManager/OneLevelServlet".equals(req_uri)) {
			chain.doFilter(request, response);
		} else if ("/TicketManager/ValidateCodeServlet".equals(req_uri)) {
			chain.doFilter(request, response);
		} else if ("/TicketManager/UserIconSaverServlet".equals(req_uri)) {
			chain.doFilter(request, response);
		} else {
			// 取出session中的管理员信息
			Admin admin = (Admin) req.getSession().getAttribute("admin");
			// 取出session中管理员对应的权限信息
			Role relation = (Role) req.getSession().getAttribute("role");
			if (admin != null) {
				// 如果从键中取出了root，则说明是根用户，则判断为最大权限
				boolean flag = relation.getRelation().keySet().contains("root");
				if (flag) {
					chain.doFilter(req, resp);
				} else {
					Map<String, Set<String>> rel = relation.getRelation();
					Set<Entry<String, Set<String>>> set = rel.entrySet();
					for (Map.Entry<String, Set<String>> entry : set) {
						Set<String> uris = entry.getValue();
						for (String uri : uris) {
							if (uri.equals(req_uri)) {
								chain.doFilter(req, resp);
								judge = true;
								break;
							}
						}
						if (judge) {
							break;
						}
					}
					if (judge) {
						chain.doFilter(req, resp);
					} else {
						resp.sendRedirect("/TicketManager/login.jsp");
					}
				}
			} else {
				resp.sendRedirect("/TicketManager/login.jsp");
			}
		}
	}

	@Override
	public void init(FilterConfig arg0) throws ServletException {
		// TODO Auto-generated method stub

	}

}
